November 2005 - Posts
One of the common questions we get in the SBS newsgroups is: “I'm using the SBS Tape Backup Wizard. How can I have it eject the tape when it is finished?”
The answer is that the SBS Tape Wizard does not provide an option to have the tape eject. You can, however, do this manually, by creating a batch file and scheduling it to run after your tape backup process should have completed. So, on my work server, my tape backup starts at 7:30pm, and iti finished around 11:30pm. I schedule my “eject” script to run at 5am in the morning.
You will need to modify the eject script below to identify your tape device, which you can find by opening up your SBS2003 Server Mgmt Console, and going to the Remote Storage Manager section.
Tape Eject script:
REM: This script will eject the backup tape
rsm.exe eject /LF"ARCHIVE Python 06408-XXX SCSI Sequential Device" /astart
Someone asked recently whether it would be best to go with Citrix or Microsoft's std Terminal Server product. IMO, especially for the small business marketplace, with Windows 2003 TS, Microsoft has given us a product that we can use instead of Citrix.
Vlad concurs, and wrote the following:
Microsoft didn't want to develop multi-user functionality for NT 3.51 so they licensed kernel source to Citrix. With release of 2000, Microsoft licensed back the rdp code which now runs both Citrix and Terminal Services (actually Citrix uses a slightly enhanced protocol called ica).
The advantages of Citrix in mid-sized business are slim, in smallbiz there are none. Multi-server farms, web publishing, etc are not targeted at smallbusiness budget. If all your clients are on Windows and you can get by with a single server/cluster you don't need to look at more than Terminal Services.
And Gavin has indicated that there are some new generic drivers available ('cause as well know, the biggest gotcha with TS is printer compatibility!):
As an FYI - W2K3 SP2 adds a new GENERIC laser and GENERIC DeskJet print drivers which will be used by default for any incompatible printer the TS box encounters! This is supposed to solve a lot of compatibility problems. It can be turned ON in Group Policy once SP2 is applied.
Finally, remember that W2K3 TS CALs are NOT covered by SBS CALs!
Some folks in the SmallBiz community were asking about recommendations on UPS's. Here was the original post:
Since UPSes were mentioned recently, I was wondering what you all are recommending for your clients with a lower-end server. At the high end we have APC SmartUPS. Are there others that do about the same thing but are cheaper? Other brands? What about using the APC BackUPS BX 1500 VA or similar? What do you lose by not using the SmartUPS? I would like to find a cost-effective solution but I don't want to skimp where skimping should not be done!
I summarized some of their responses below. Hope this helps!
- For the most part, if my company implements a server, non-rack mount case, we sell them a smart ups 750 by APC, if they are plugging multiple items in to it, we go the 1500 route, both are set at a reasonable price point.
- The APC Smart UPS series are speced as generator capable. It provides line interactive power capability to clean the dirty power the 5-15 k generators Provide. The lower priced APC UPSes are not generator rated. I find the competitors usually do not show any generator specs. If you do find other UPSes that are generator rated for less than one thousand US dollars, please let me know.
- I have to agree with the others, APC is about the only way to go. I've had clients that insist on saving a few dollars (and on strange stuff too), but I've never backed down on this point and I've never had to say "oops". APC has some lower end models, but the SmartUPS line has never been a problem for me.
- APC pretty much rules this market, but TrippLite makes decent products as well as is much less pricey.
- One thing that I'd like to add: test the battery regularly. The APC SmartUPS line can be connected to the computer that it is protecting and shut it down in the event of a failure. But the real thing to watch is that the battery is tested (this can be automated in the PowerChute software that comes with the UPS) you don't want to find out the battery is failing when you need it most. Usually a little over 2 years then you have to do something.
- I once installed a Belkin UPS for a client and it worked great. The only problem was that after I installed the Belkin equivalent of PowerChute, the server kept shutting down 30 seconds after login. Of course we did not discover this problem until I was off site and I logged into the server remotely. Do you have any idea what it's like to be 10 miles away from your client and to have a message pop up on your screen letting you know that you have 30 seconds until your client gets very, very angry with you? Not fun. It's been APC ever since.
You can run CEICW from SBS 2003 and select which attachments to be blocked. Or you can also make those same changes manually, per the instructions below:
1. Open Start, click Run, type %sbsprogramdir%\Networking in the Open box, and then press ENTER.
2. In the dialog box, find the SecAttsConfig.xml file, right-click the file and select Edit.
3. If you would like to allow the .vbs attachment (as an example), find the <Attachment Enabled="True" Extension="vb" Description="VBScript file"/> sentence, change it to <Attachment Enabled="False" Extension="vb" Description="VBScript file"/>.
NOTE: True = BLOCKED, False = ALLOWED
4. Click File in the menu, and then click Save to save the change to the SecAttsConfig.xml file.
Funny ... just when you think the whole world knows about some thing, you find out that ain't always the case.
Someone asked recently how to create a delay between executing two separate commands in a batch file. The answer (of course) is to use the 'sleep.exe' utility. But in Microsoft's infinite wisdom, they don't just give it to you ... you've got to download it, and install it. And then remember to install it on every workstation that may need torun the batch script you're creating.
Sleep.exe is included in the free Windows 2003 Resource Kit, which you can download from here:
And here is the command format:
Usage: sleep time-to-sleep-in-seconds
sleep [-m] time-to-sleep-in-milliseconds
sleep [-c] commited-memory ratio (1%-100%)
So, to force a delay of 3 seconds, you would enter sleep 3 or sleep -m 3000
Jeff Middleton's Swing Migration (www.sbsmigration.com) methodology has been used successfully around the world. You can use it to simply move a current SBS installation to new hardware, or to also upgrade from sBS2000 to SBS2003 at the same time. I thought I would post what I liked about using SBS Migration:
- It alows you work on the new server completely offline from the current server, allowing you to setup and configure everything without impacting users and current server. In fact, you can do it with the new server back at your office, and not at the custome site
- It does require a third computer that is used to swing the AD and other required files from the current to the new system. But in my case, I used a laptop with 1GB of memory, and Virtual PC.
- The current production server is only offline for a few minutes when you first copy over some files to your interim. After that, you don't touch the current server again until you are actually ready to do the cutover
- The Swing process retains the same server domain name on the new server, and that's important because:
- When you are done, in most cases, you do not have to go to any workstation and make any changes - no reconnecting workstations to the domain, etc.
I did my first Swing earlier this year, and when the users came in at the beginning of the week, they literally had no clue that we had swapped out servers. They logged in as normal, and began working!
This is a short compilation of responses from SBS consultants on how they are using external hard drives for SBS backups. Please add your thoughts and experiences
First, read Susan's blogs on: (1) Overview: http://msmvps.com/bradley/archive/2004/09/29/14590.aspx and (2) Tweaking NTBackup: http://msmvps.com/bradley/archive/2004/05/12/6318.aspx
Various notes, comments, ideas:
- One thing I have noticed - when you set it to back up to a drive, it sets it to keep 2 backup files and if it does that it will probably result in there not being enough space on the Rev - so be sure to select only one file. It will give you an alert, but you can ignore it.
- Most of the drives I've seen are formatted FAT32, which has a 4GB file size limit. This means many backups will fail ( since most systems are > 4GB ).Just convert the drive to NTFS and the problem goes away.
- For tape-based backups, we generally install an internal HDD as the staging disk. This is where we instruct the backup software to write the backup file. When the backup is completed, we have it run a command to copy the staging disk to an external USB drive. This seems to give better results for us. It reduces the number of caddies necessary.
- We purchased a REV Drive and SBS sees it as a CD and therefore the Server will not back up to the drive. Anyone know a work around? The work around is set the backup to save to a fixed disk, find the relevant key in the registry which says e.g F:\ and change it to the drive letter of the REV.
- We use SimpleTech external hard drives. We recommend at least two as a minimum. This has more capacity than the Rev Drive and is much cheaper. A 120GB drive retails for about $150.00, the Iomega REV 35GB/90GB** USB 2.0 external drive retails for $399 (prices from April 2005).
- Our customers have between 2 and 5 drives they cycle through, and we set the drives to hold 3 backups before overwriting.
- We have been using external USB drives for just over a year now, and recommend them to all of our clients. We haven't had any issues to date - very reliable and easy to use. We always do normal full backups . . . never incremental or differential . . .
- I'm using the SBS Backup wizard to do a full backup of the OS & Exchange, so that I get the email reports each morning. But I've separated the data backup, using a program called Second Copy, that does incremental backups of the data. The reason I like that solution is that Second Copy just copies the files, not putting them in a volume that you have to restor from - you just access the data files directly if you need to. You can install Second Copy as a Service so that it runs whether you're logged on or not. It's been very reliable.
- I have been trialling Hot Swap IDE RAID1 recently. Details: (1) The array is used solely for the backup, nothing else. I also store the ASR backup on there as well. (2) The reason for RAID1 is that you still have a copy on site as in my experience the vast majority of problems occurred since the last backup (although Previous Version is now mitigating this) and I can find no single drive Hot Swap IDE enclosures here. (3) Speed, speed, speed. (4) Cost is much lower than tape with the high capacity drives available. (5) Media handling and storage is an issue.
- I am now considering internal or external RAID1 hot swap PATA/SATA options from Accusys (www.accusys.com.tw) and Accordance Systems (www.accordance.com.tw). With a couple of spare drives this system can cost approx NZ$1.5K. My problem with this system is the sensitivity of the drives to handling and environmental conditions. Also the lack of ability to hold data for long periods (although you could probably buy a new drive and caddy every month for a year to overcome this).
This goes under the heading of: “Gee, I never thought about it, but now that you've asked, why don't we have it?“
In this case, the question is: How can I know who is currently using RWW, or get a report of who has used RWW?
There's nothing in the Server Mgmt report for this information. Best one can do is to open up Terminal Servies Manager console. For any session that shows both a user name and a computer name, then that is a local (internal) connection. But if a session only reports a user name (and no computer name), then that session is from an external session (RWW or MSTSC).
BTW, if you are interested, here is a summary of how a RWW session works:
- User navigates to the Computer Selection page of the Remote User Portal in a web browser, and is prompted to download the stanard Terminal Services ActiveX Component, if necessary.
- SBS queries the Active Directory for all internal client computers running an OS that supports Remote Desktop and provides the list to the user.
- User selects a computer from the list and presses Connect button.
- Server listens on TCP port 4125 which is already opened by firewall.
- SBS creates a connection to the internal client on port 3389 which is designed for TS and Remote Desktop.
- The TS ActiveX Control downloaded and installed on the external client creates a TS connection to the SBS server on port 4125.
- SBS Server forwards the connection to the internal Remote Desktop client or TS server as a TS/Remote Desktop client.